Connect your site to Webfiable (webfiable.com) to track config health and get security recommendations. Public early access (white march). Free.
Lightweight WordPress security scanner and hardening tool. Detects malware, suspicious plugins, admin changes, and protects your site with built-in security options.
A basic security plugin for WordPress 4.x, 5.0 or higher. You can selectively disable unused features in WordPress core...
Create a private login URL and hide /wp-login.php with stealth 404s. Logged-out /wp-admin/ visits redirect to your homepage.
Hardens and protects your site by locking down login, REST API, XML‑RPC, file editor, and applying HTTP security headers.
This plugin will check for a user named 'admin' and prompt the user to create a new account.
A simple way to clean and secure WordPress by disabling unnecessary features like comments, XML-RPC, and RSS feeds.
Basic hardening: secure headers, login honeypot, user enumeration blocking, generic login errors, rate limiting, and more.
The WeSecur plugin audits and protects your WordPress by daily analyzing malware, blacklists and vulnerabilities that can be exploited to infect your website and blocking attacks and spambots with tools specially designed to protect your WordPress.
Firewall, malware scan & IP blocking for WordPress, with Quick Scan Overall Security Rating, hardening, quarantine and integrity checks. PRO adds AI.
Adds some extra security to your WordPress with only one click.
Firewall, Scanner, Login Protect, block user enumeration and TOR, disable Json WordPress Rest API, xml-rpc (xmlrpc) & Pingback.
TotalWeb strengthens your site security with malware defense, brute-force protection, firewall rules, and smart hardening controls.
The Sucuri WordPress Security plugin is a security toolset for security integrity monitoring, malware detection and security hardening.
A lightweight, zero configuration plugin that removes all WordPress version output from your site for improved security and cleaner markup.
Put your WordPress site in read-only mode — block persistent changes while keeping the site browsable until an administrator disables the freeze.
Simple one-click WordPress security. Protect your site in 30 seconds.
PF Secure Toolkit is a lightweight, modular plugin to harden WordPress by disabling unnecessary features.
Per-user Safe Mode plus role-based client restrictions for safer troubleshooting and cleaner client handoff.